1215 matches found
CVE-2011-10028
CVE-2011-10028 affects RealArcade/RealNetworks RealArcade platform via an ActiveX control (InstallerDlg.dll, 2.6.0.445) exposing Exec through StubbyUtil.ProcessMgr COM. The method allows remote attackers to execute arbitrary commands on a Windows machine without proper validation or restrictions....
CVE-2011-10028 RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
CVE-2025-30033
The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East's public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, exhibited tactics mirroring those of...
New Ransomware Charon Uses Earth Baxia APT Techniques To Target Enterprises
We uncovered Charon, a new ransomware strainfamily that uses advanced APT-style techniques, including DLL sideloading, process injection, and anti-EDR capabilities, to target organizations with customized ransom demands...
Paramount Macrium Reflect 安全漏洞
Paramount Macrium Reflect is an image-based backup and recovery software from Paramount UK. A security vulnerability exists in Paramount Macrium Reflect version 2025-06-26 and earlier, which stems from an insecure DLL search path that could lead to the execution of arbitrary code with administrat...
Embedded Malicious Code
Overview num2words is a malicious package. A malicious actor compromised the credentials of one of the package maintainers via a phishing attack; This allowed the attacker to modify the intialization script init.py and publish tampered versions of the package to PyPI. Script Behavior The code...
CVE-2025-6241
Summary: CVE-2025-6241 affects Lakeside Software SysTrack’s LsiAgent.exe, which loads DLLs not present in default installations. If a user-writable directory exists in the SYSTEM PATH, a malicious DLL named wfapi.dll could be written there and executed by LsiAgent.exe at startup or service restar...
Commvault for Windows 安全漏洞
Commvault for Windows is a data backup, recovery software from Commvault, Inc. A security vulnerability exists in Commvault for Windows that originates from a DLL injection and could lead to arbitrary code execution. The following versions are affected: version 11.20.0, version 11.28.0, version...
CVE-2025-7427
Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio...
Malicious code in got-fetch (npm)
This package installs a windows based malware file node-gyp.dll via install.js...
SUR-FBD CMMS 安全漏洞
SUR-FBD CMMS is a computerized maintenance management system from the Polish company SUR-FBD. A security vulnerability exists in SUR-FBD CMMS that stems from the presence of hard-coded credentials in a DLL file, which could lead to full control of the application...
HCL Traveler 代码问题漏洞
HCL Traveler is a software from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. A security vulnerability exists in HCL Traveler that stems from vulnerability to DLL hijacking attacks...
CVE-2024-6618
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...
CVE-2023-22743
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This...
CVE-2021-26556
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-35449
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing durin...
CVE-2018-16545
Kaizen Asset Manager Enterprise Edition and Training Manager Enterprise Edition allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library dll assumed the identity of a temporary tmp file isxdl.dll and an executable file assum...
CVE-2023-31358
A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
ToDesk 代码问题漏洞
ToDesk is a professional remote desktop software from ToDesk China. A code issue vulnerability exists in ToDesk version 4.7.6.3, which stems from an uncontrolled search path for the library profapi.dll in the component DLL File Parser...